This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/5YD_ag6uFSWOu3cB9Rbc4ffWlR4.roa
File:                     5YD_ag6uFSWOu3cB9Rbc4ffWlR4.roa (raw, json)
Hash identifier:          2mFUZuvbkWNwRbc7m/k77qJYXIRCiDkTs5h7VjGgn4Q=
Subject key identifier:   E5:80:FF:6A:0E:AE:15:25:8E:BB:77:01:F5:16:DC:E1:F7:D6:95:1E
Certificate issuer:       /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial:       019B797EDD5336CB59DD12E20705D743DB0C
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/5YD_ag6uFSWOu3cB9Rbc4ffWlR4.roa
Signing time:             Thu 01 Jan 2026 12:18:35 +0000
ROA not before:           Thu 01 Jan 2026 12:18:35 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     216138
IP address blocks:        178.253.205.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 20 Jan 2026 08:17:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:79:7e:dd:53:36:cb:59:dd:12:e2:07:05:d7:43:db:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
        Validity
            Not Before: Jan  1 12:18:35 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=e580ff6a0eae15258ebb7701f516dce1f7d6951e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:e5:82:fc:ec:2a:51:d1:86:5a:0c:6d:27:9c:
                    e2:93:86:62:e7:d0:1b:4a:18:38:91:91:d0:9d:d6:
                    b9:6f:52:2e:8f:da:d2:28:10:7b:c1:07:da:ab:ab:
                    95:10:44:54:af:cb:c0:9b:9b:ec:89:a1:aa:76:5b:
                    1b:45:1f:ec:65:ac:6b:66:b7:7c:d1:43:50:b0:f0:
                    02:ee:22:e0:29:09:a0:f0:7b:25:5d:e0:f9:a8:87:
                    61:63:93:0d:8a:f0:d2:ba:18:88:d6:04:e6:e1:8d:
                    2a:15:01:c0:d0:db:ac:ee:37:dd:5e:20:5d:0f:a1:
                    6d:c6:05:d8:aa:f1:16:44:0a:11:8d:ad:a7:73:2f:
                    6b:d6:20:4e:6c:aa:1b:ce:12:a9:e1:4c:78:29:e2:
                    6e:82:92:5d:f6:e5:30:72:3f:1e:d1:1e:9a:48:a4:
                    17:90:50:9d:5d:6d:cc:e5:4e:32:df:51:76:bd:68:
                    67:4c:c3:69:a3:2f:0a:6c:44:cc:f2:1a:59:c5:2e:
                    52:dc:60:26:ef:15:4e:06:93:c6:bc:67:b0:7d:3b:
                    7e:fe:8b:23:c4:9a:bc:1f:28:57:42:1f:6c:03:38:
                    ee:f9:28:5d:07:03:27:9d:21:12:85:d2:dd:a5:d7:
                    71:7f:56:a8:e0:96:af:63:4b:37:d8:e9:36:0f:11:
                    66:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:80:FF:6A:0E:AE:15:25:8E:BB:77:01:F5:16:DC:E1:F7:D6:95:1E
            X509v3 Authority Key Identifier:
                keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/5YD_ag6uFSWOu3cB9Rbc4ffWlR4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.253.205.0/24

    Signature Algorithm: sha256WithRSAEncryption
         46:c3:4e:6c:0f:b2:53:7f:00:ca:6f:a4:2a:2b:d8:c8:38:47:
         fe:f5:ab:d3:55:7e:5f:a2:ec:80:96:34:82:c3:b9:a4:f8:ea:
         3d:42:e8:4b:99:e0:06:84:a9:c8:23:2b:d3:80:50:99:45:b4:
         2e:81:32:9e:eb:b5:00:86:2f:8e:02:35:7a:69:ad:d9:0e:15:
         3c:57:08:2b:bd:81:a4:3c:64:71:ca:71:f0:ac:ac:48:f5:93:
         6f:a9:3d:b6:8f:94:e4:e8:04:56:39:01:92:e1:55:35:5e:09:
         a6:fa:a0:b0:75:54:ff:89:a9:c7:c3:1f:98:c6:ed:c3:7e:6c:
         0e:dd:e0:cd:ca:ef:3a:f5:70:4e:7a:84:94:38:ae:20:23:66:
         71:ce:35:12:27:64:0f:28:86:71:74:a5:ad:35:96:a5:58:08:
         6b:51:aa:4f:af:e2:ea:7c:1d:7b:7c:a8:c9:1e:63:e9:f1:89:
         3f:9f:7a:0e:94:51:0f:da:9e:2b:d0:b1:ca:45:c6:f9:c8:16:
         68:3c:13:7d:fb:1b:42:18:3a:d3:77:12:c3:56:73:7b:78:a8:
         bf:e6:29:74:65:85:2e:24:83:bf:a1:23:75:ff:25:b0:a9:c5:
         0a:12:02:05:23:62:fa:97:3b:a9:0f:fd:bf:0d:62:22:bc:dc:
         66:45:b5:5d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt5ft1TNstZ3RLiBwXXQ9sMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjYwMTAxMTIxODM1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTgwZmY2YTBlYWUxNTI1OGViYjc3MDFmNTE2ZGNlMWY3ZDY5NTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy+WC/OwqUdGGWgxtJ5zik4Zi59Ab
Shg4kZHQnda5b1Iuj9rSKBB7wQfaq6uVEERUr8vAm5vsiaGqdlsbRR/sZaxrZrd8
0UNQsPAC7iLgKQmg8HslXeD5qIdhY5MNivDSuhiI1gTm4Y0qFQHA0Nus7jfdXiBd
D6FtxgXYqvEWRAoRja2ncy9r1iBObKobzhKp4Ux4KeJugpJd9uUwcj8e0R6aSKQX
kFCdXW3M5U4y31F2vWhnTMNpoy8KbETM8hpZxS5S3GAm7xVOBpPGvGewfTt+/osj
xJq8HyhXQh9sAzju+ShdBwMnnSEShdLdpddxf1ao4JavY0s32Ok2DxFmZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOWA/2oOrhUljrt3AfUW3OH31pUeMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvNVlEX2FnNnVGU1dPdTNjQjlSYmM0ZmZXbFI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsv3NMA0G
CSqGSIb3DQEBCwUAA4IBAQBGw05sD7JTfwDKb6QqK9jIOEf+9avTVX5fouyAljSC
w7mk+Oo9QuhLmeAGhKnIIyvTgFCZRbQugTKe67UAhi+OAjV6aa3ZDhU8VwgrvYGk
PGRxynHwrKxI9ZNvqT22j5Tk6ARWOQGS4VU1Xgmm+qCwdVT/ianHwx+Yxu3DfmwO
3eDNyu869XBOeoSUOK4gI2ZxzjUSJ2QPKIZxdKWtNZalWAhrUapPr+LqfB17fKjJ
HmPp8Yk/n3oOlFEP2p4r0LHKRcb5yBZoPBN9+xtCGDrTdxLDVnN7eKi/5il0ZYUu
JIO/oSN1/yWwqcUKEgIFI2L6lzupD/2/DWIivNxmRbVd
-----END CERTIFICATE-----